ytt
ytt copied to clipboard
carvel-dev
Multiple CVEs reported by Trivy scan tool for v0.52.0
The listed CVEs for v0.52.0 includes HIGH.
Vulnerabilities Summary
Total: 3
Severity: UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 1, CRITICAL: 0
| Library | Vulnerability | Severity | Status | Installed Version | Fixed Version | Title |
|---|---|---|---|---|---|---|
| stdlib | CVE-2025-22874 | HIGH | fixed | 1.24.2 | 1.23.10, 1.24.4 | crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509 |
| stdlib | CVE-2025-0913 | MEDIUM | — | — | — | Inconsistent handling of `O_CREATE |
| stdlib | CVE-2025-4673 | MEDIUM | — | — | — | Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin requests |
